Hacking the Internet of Things and the Connected Home

BBC News, 19th August 2014

The Internet of Things (IoT) may just be a floodgate of insecurity opening up and letting potential intruders into every aspect of our lives. It may sound like scare mongering bu the BBC did its own investigating and the results are a little disturbing if not entirely surprising.

Undoubtedly, IoT will be prevasive and our gadgets and applicances will be Internet enabled for various reasons from simple diagnostics and support to remote control and access. It seems as if it is a foregone conclusion.

Should we be afraid? Should we lock down and get ready for an onslaught of hackers into our home and devices? You have to believe that the vendors of IoT are going to understand the liability implications and take every precaution to make their devices secure. However, user input is still required. Humans, fallible humans, are going to set passwords and just be plain lazy when it comes down to it.

Or maybe they just won't know because who the heck wants to be responsible for technical support in their home? It's going to be an ongoing debate. We don't think anyone has the answers and we certainly don't want to believe that the situation is intractable.

The BBC set up a house filled with a variety of smart gadgets and asked researchers to demonstrate how easy it was to crack the security systems on them.

Liam Hagan, a researcher from security firm Nettitude, said he was "shocked" at the poor job baby monitors and wi-fi cameras did to protect the pictures and sounds they were gathering.

"One of the big issues is that one wi-fi video camera makes itself available to the internet regardless of your firewall," he said. "Anyone who knows your IP address would be greeted with the login screen for the camera."

With one camera he tested, entering a default login name and password granted access to the images and sounds the device was capturing. There was no prompt to change these credentials to protect privacy, he said.